Apple Patches Actively Exploited Zero-day

By   ISBuzz Staff
Editorial Team , Information Security Buzz | Feb 15, 2022 04:00 am PST

Apple has released emergency security updates to combat a new zero-day bug in its WebKit browser engine that is allowing threat actors to execute arbitrary code on vulnerable versions of iPads, iPhones, and MacOS devices. Apple said that it was aware of reports that this bug may have been actively exploited by cyber criminals. This zero-day patched by Apple is indexed as CVE-2022-22620. It’s a use-after-free vulnerability in WebKit resulting in the execution of arbitrary code after processing maliciously crafted web content on devices with iPadOS and on iOS that are vulnerable versions.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Jake Moore
Jake Moore , Cybersecurity Specialist
InfoSec Expert
February 15, 2022 12:00 pm

Many people are still blissfully unaware that Apple devices can even have bugs that can potentially risk their security and privacy. The notorious Pegasus malware has caused many a headache for Apple developers and proved vulnerabilities can be dangerously exploited. The simplicity of such an attack to occur after just visiting a website should bring home the scale of this possible attack but luckily Apple were quick to react. It is vital to keep operating systems on Apple devices up to date and to have auto updates on for apps where possible.

Last edited 11 months ago by Jake Moore

Recent Posts

1
0
Would love your thoughts, please comment.x
()
x